Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

testx2-mai...64.sys

windows7-x64

1

testx2-mai...64.sys

windows10-2004-x64

1

testx2-mai...1).exe

windows7-x64

1

testx2-mai...1).exe

windows10-2004-x64

1

testx2-mai...0).exe

windows7-x64

1

testx2-mai...0).exe

windows10-2004-x64

1

testx2-mai...1).exe

windows7-x64

1

testx2-mai...1).exe

windows10-2004-x64

1

testx2-mai...2).exe

windows7-x64

1

testx2-mai...2).exe

windows10-2004-x64

1

testx2-mai...3).exe

windows7-x64

1

testx2-mai...3).exe

windows10-2004-x64

1

testx2-mai...4).exe

windows7-x64

1

testx2-mai...4).exe

windows10-2004-x64

1

testx2-mai...5).exe

windows7-x64

1

testx2-mai...5).exe

windows10-2004-x64

1

testx2-mai...6).exe

windows7-x64

1

testx2-mai...6).exe

windows10-2004-x64

1

testx2-mai...7).exe

windows7-x64

1

testx2-mai...7).exe

windows10-2004-x64

1

testx2-mai...8).exe

windows7-x64

1

testx2-mai...8).exe

windows10-2004-x64

1

testx2-mai...9).exe

windows7-x64

1

testx2-mai...9).exe

windows10-2004-x64

1

testx2-mai...2).exe

windows7-x64

1

testx2-mai...2).exe

windows10-2004-x64

1

testx2-mai...0).exe

windows7-x64

1

testx2-mai...0).exe

windows10-2004-x64

1

testx2-mai...1).exe

windows7-x64

1

testx2-mai...1).exe

windows10-2004-x64

1

testx2-mai...2).exe

windows7-x64

1

testx2-mai...2).exe

windows10-2004-x64

1

Analysis

  • max time kernel
    234s
  • max time network
    277s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/07/2024, 15:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    testx2-main/ads (15).exe

  • Size

    362KB

  • MD5

    b16954807827ccfa1e4738fce1089b62

  • SHA1

    b2f6607d68e4d197892c515b16b3f61252304120

  • SHA256

    2f8c68901f8df6f67796a8a892dd517c2011b93f271da04ed55448e9686ad984

  • SHA512

    48726f50886b81a08317a0db0171ae3264880d43514086766e3f9a354b59101cf0755f8d815ad6979eab8c7fcc62969ff977ed9d780f30323f6143697869c0ed

  • SSDEEP

    6144:eluUm0Yxw8f9ZzJ83K1woh8iMFJrCK1vHkk:eIUmXw29EYwoip

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\testx2-main\ads (15).exe
    "C:\Users\Admin\AppData\Local\Temp\testx2-main\ads (15).exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5024
    • C:\Windows\system32\cmd.exe
      C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\testx2-main\xmrigMiner.exe" --daemonized
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:4060
      • C:\Users\Admin\AppData\Local\Temp\testx2-main\xmrigMiner.exe
        C:\Users\Admin\AppData\Local\Temp\testx2-main\xmrigMiner.exe --daemonized
        3⤵
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of FindShellTrayWindow
        PID:1748
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4232,i,18261153038209191383,10347744459236715365,262144 --variations-seed-version --mojo-platform-channel-handle=3940 /prefetch:8
    1⤵
      PID:4900

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1748-0-0x0000023A18BD0000-0x0000023A18BF0000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-1-0x0000023A18C20000-0x0000023A18C40000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-4-0x0000023A18C40000-0x0000023A18C60000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-6-0x0000023A18CD0000-0x0000023A18CF0000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-5-0x0000023A18CA0000-0x0000023A18CC0000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-3-0x0000023A18C60000-0x0000023A18C80000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-2-0x0000023A18C80000-0x0000023A18CA0000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-9-0x0000023A18D30000-0x0000023A18D50000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-10-0x0000023A18D50000-0x0000023A18D70000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-8-0x0000023A18D10000-0x0000023A18D30000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-7-0x0000023A18CF0000-0x0000023A18D10000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-13-0x0000023A18C40000-0x0000023A18C60000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-12-0x0000023A18C60000-0x0000023A18C80000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-11-0x0000023A18C80000-0x0000023A18CA0000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-18-0x0000023A18D30000-0x0000023A18D50000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-17-0x0000023A18D10000-0x0000023A18D30000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-16-0x0000023A18CF0000-0x0000023A18D10000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-15-0x0000023A18CD0000-0x0000023A18CF0000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-14-0x0000023A18CA0000-0x0000023A18CC0000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1748-19-0x0000023A18D50000-0x0000023A18D70000-memory.dmp

      Filesize

      128KB

      Download